SecurityTokenExpiredException reported in Azure #10625

shedspotter created 10 days ago

Hi,

product version = 9.0.1 product type = Angular product framework type = .net core 3.1

SecurityTokenExpiredException reported in Azure

Reviewing SQL activity, the DTU utilization is low

Reviewing application insights in Azure for the web app there are frequent exceptions raised around SecurityTokenExpiredException.

Digging into the transaction detail for one example, a 12.7 delay was caused by this exception consuming /api/TokenAuth/Authenticate

Simply refreshing the login page is one example where the exception is raised. timings can vary.

Logs: Microsoft.IdentityModel.Tokens.SecurityTokenExpiredException: at Microsoft.IdentityModel.Tokens.Validators.ValidateLifetime (Microsoft.IdentityModel.Tokens, Version=5.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35) at System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler.ValidateLifetime (System.IdentityModel.Tokens.Jwt, Version=5.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35) at System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler.ValidateTokenPayload (System.IdentityModel.Tokens.Jwt, Version=5.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35) at System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler.ValidateToken (System.IdentityModel.Tokens.Jwt, Version=5.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35) at SSD.Web.Authentication.JwtBearer.SSDJwtSecurityTokenHandler.ValidateToken (SSD.Web.Core, Version=9.0.1.0, Culture=neutral, PublicKeyToken=null: D:\a\1\s\SSD\aspnet-core\src\SSD.Web.Core\Authentication\JwtBearer\SSDJwtSecurityTokenHandler.cs:42) at Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerHandler+<HandleAuthenticateAsync>d__6.MoveNext (Microsoft.AspNetCore.Authentication.JwtBearer, Version=3.0.0.0, Culture=neutral, PublicKeyToken=adb9793829ddae60)

Thanks

3 Answer(s)

0
musa.demir created 7 days ago
Support Team
Hi @shedspotter

That error is thrown by System.IdentityModel.Tokens.Jwt.ValidateToken method, (see:https://docs.microsoft.com/en-us/dotnet/api/system.identitymodel.tokens.jwt.jwtsecuritytokenhandler.validatetoken?view=azure-dotnet). Refreshing your browser should not cause the error. Can you please check these:

Check if your token lifetime is long enough.(https://github.com/aspnetzero/aspnet-zero-core/blob/2269967cc03e5c460e2d6c0833cb97feaa5d1fad/aspnet-core/src/MyCompanyName.AbpZeroTemplate.Application.Shared/AppConsts.cs#L49)

Check if your current token is really expired? (you can use https://jwt.io/)

Check if your current token exists, if it exists store it. Then refresh your browser and check if they are equal.
0

shedspotter created 6 days ago

Hi musa.demir,

Thank you for the response

step 1. it is same like shared link. step 2. the current token is not expired. step 3. after following the 3rd step the previous token and the new token after refreshing the browser has same expiration time

Thanks
0

musa.demir created 5 days ago
Support Team

Hi @shedspotter

Can you please share your token's exp field and the exact time you get the error(with timezone)? It might has timezone problem.

Have an answer to this question? Log in and write your answer.